Hey, I searched around the web for a while but I did not find anything useful.
The Dilemma
The user has to re-authenticate after 10 or 15 minutes.
The Attempted Fix
ini_set("session.cookie_lifetime", 36000);
ini_set("session.gc_maxlifetime ", 36000);
The Resulting Cookie
Which was set around 9:07 AM on Feb 22
Name: PHPSESSID
Content: 77a4e340ce74c8af9ba7d562fe45141a
Host: my.host.com
Path: /
Expires: Wednesday, February 22, 2006 7:07:21 PM
The Dilemma continues...
The user still has to re-authenticate after 10 or 15 minutes.
Any ideas?
PHP Session Expiry
Moderator: General Moderators
Same here. Its a bit like using a cannon to kill a mosquito, but adodb has a fantastic db-driven session system.feyd wrote:I'd suggest using database sessions.
http://phplens.com/lens/adodb/docs-session.htm
Thats not accurate. /tmp can be cleared at any time, and on a securely configured system, will often be cleared several times a day.chrys wrote:Apparantley we use TMPFS for /tmp/
It is only supposed to get cleared on reboot. Do you guys have any idea where I could search for things being cleared out automatically?
- chrys
- Forum Contributor
- Posts: 118
- Joined: Tue Oct 04, 2005 9:41 am
- Location: West Roxbury, MA (Boston)
View my latest post, I checked when the user got "locked out" and the session was still there, they just couldn't log in at this point, they kept getting logged outRoja wrote:Thats not accurate. /tmp can be cleared at any time, and on a securely configured system, will often be cleared several times a day.chrys wrote:Apparantley we use TMPFS for /tmp/
It is only supposed to get cleared on reboot. Do you guys have any idea where I could search for things being cleared out automatically?
- chrys
- Forum Contributor
- Posts: 118
- Joined: Tue Oct 04, 2005 9:41 am
- Location: West Roxbury, MA (Boston)
-rw------- 1 apache apache 724 Feb 23 09:23 sess_0a4a40cb7e7e8ea7ff48508fe395197fRoja wrote:Extremely odd. Check the ownership and permission on the session file.chrys wrote:View my latest post, I checked when the user got "locked out" and the session was still there, they just couldn't log in at this point, they kept getting logged out